PBBFA23CSE/Bib-Arts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Bib-Arts/Model/AuthModel.php
Max538 78e1e72eba implemented authmodel
2025-06-16 15:12:28 +02:00

150 lines
5.2 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
namespace Blog\Model;
use PDOException;
class AuthModel extends Database
{
public function login($email, $password){
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$params=array();
$params[":email"] = $email;
$params[":password"] = $hashedPassword;
$sql = "SELECT email, password, validUntil FROM user WHERE email = $email AND password = $password";
$pdo = $this->linkDB();
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
$result = $sth->fetchAll();
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
if(new \DateTime() <= DateTime($result['validUntil']))
return $result ? true : false;
else
return "Ihr Passwort ist abgelaufen \n bitte erstellen Sie ein neues über: Passwort Vergessen";
}
public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
{
$rtn = $this->pwRequirementCheck($password);
if($rtn !== true){
return $rtn;
}
else{
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$sql = "INSERT INTO user (email, passwort, straße, hausnr, ort, postleitzahl,land, vorname, nachname, tel)
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land, :vorname, :nachname, :tel)";
try{
$pdo = $this->linkDB();
$stmt = $pdo->prepare($sql);
return $stmt->execute([
':email' => $email,
':password' => $hashedPassword,
':straße' => $straße,
':hausnr' => $hausnr,
':ort' => $ort,
':postleitzahl' => $postleitzahl,
':land' => $land,
':vorname' => $vorname,
':nachname' => $nachname,
':tel' => $tel
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
}
}
private function pwRequirementCheck($password){
$error = [];
if(strlen($password) <= 8)
$error[] = "min 8 Charackter";
if(!preg_match("/[A-Z]/", $password))
$error[] = "min one large Character";
if(!preg_match("/[a-z]/", $password))
$error[] = "min one small charakter";
if(!preg_match("/[0-9]/", $password))
$error[] = "min one number";
if(!preg_match("/[ <>|°^,;·.:…\-_#'+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞЪŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ ]/", $password));
$error[] = "min one of these: <>|°^,;·.:…\-_#'+*~!¹\"²§³\$¼%½&¬/{([)]=}?ß\\\`¸´¡⅛£¤⅜⅝⅞™±¿˛¯˘—÷×»«¢„“”µþø→↓←ŧ¶€ſ@æſðđŋħ.ĸłµ”“„¢«»›‹©‚‘’ºÆẞЪŊĦ˙&ŁΩ§€®Ŧ¥↑ıØÞ";
if(empty($error))
return true;
else
return $error;
}
public function pwForgot($email){
$randomPw = bin2hex(random_bytes(12 / 2));
$hashedPassword = password_hash($randomPw, PASSWORD_DEFAULT);
$betreff = "Passwort zurücksetzen bei bibArts";
$nachricht = "Hallo,\n\nhier ihr temporäres Passwort:\n\n $randomPw \n\n Bitte beachten Sie, dass das Passwort nur 2 stunden Gülltig ist. \nViele Grüße,\nbibArts Team";
$header = "From: noreply@edu.bib.de\r\n";
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
$maxTries = 5;
$try = 0;
$success = false;
while ($try < $maxTries && !$success) {
$erfolg = mail($email, $betreff, $nachricht, $header);
$try++;
if (!$erfolg) {
error_log("Mailversuch $try an $email fehlgeschlagen.");
sleep(1);
}
}
}
private function forgottenPwUpdate($email, $hashedPassword)
{
try{
$pdo = $this->linkDB();
$sqlCheck = "SELECT COUNT(*) FROM user WHERE email = :email";
$stmt = $pdo->prepare($sqlCheck);
$stmt->execute([':email' => $email]);
if ($stmt->fetchColumn() == 0) {
return false;
}
$sql = "UPDATE user
SET passwort = :password
WHERE email = :email";
$stmt = $pdo->prepare($sql);
return $stmt->execute([
':email' => $email,
':password' => $hashedPassword
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
return false;
}
}
public function checkDoublePw($password1, $password2){
if($password1 === $password2){
return true;
}
else
return false;
}
}
Reference in New Issue View Git Blame Copy Permalink